Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » Custom whitelist of IP Addresses
  •  
jonnapa

Messages: 5
Karma: 0
Send a private message to this user

In the Blacklists tab, I have SpamHaus SBL-XBL ticked with "Increase score by 10" . One of our colleague's (from other location) mail was found in the quarantine address with the header info below:
"
Received: from DOMAIN ([##.##.##.##])
by my_domain.com;
Wed, 3 Jun 2009 19:11:10 +0200
From: <misty<_a.t_>my_domain.com>
To: "'Mans'" <mans.quad<_a.t_>my_domain.com>,
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0CBA_01C9E531.309B92B0"
X-Mailer: Microsoft Office Outlook, Build 11.0.5510
X-Spam-Status: Yes, hits=8.3 required=5.0tests=DNSBL_ZEN.SPAMHAUS.ORG: 10.00,BAYES_00: -1.665,TOTAL_SCORE: 8.335
X-Spam-Flag: YES

"

I put in the "Custom whitelist of IP Addresses" the following:

Name: New IP Address Group
Type: Host
IP Address: ##.##.##.## (from the header info)
Description: Client X

I am on the right way to allow any mails coming from this specific IP to pass through regardless of spam or not?

I've been trying to understand from the manual, but I am a bit confused.

Thanks and regards,

jonnapa


  •  
sgongola

Messages: 109
Karma: 0
Send a private message to this user
You can have multiple IP Address groups that can be used for different purposes.
Make sure the IP address group you see in the Custom whitelist of IP addresses>IP address group entry is your New IP Address Group that contains the ip address you want to whitelist.

Make sure you are using the correct ip address. It should be the latest Received header entry. You can also check the message in the security logs to make sure you have the correct address. Other than that, your friend should take steps to be removed from the block list.

[Updated on: Thu, 04 June 2009 19:44]

  •  
BudDurland

Messages: 348

Karma: 10
Send a private message to this user
jonnapa wrote on Thu, 04 June 2009 10:47


I put in the "Custom whitelist of IP Addresses" the following:

Name: New IP Address Group
Type: Host
IP Address: ##.##.##.## (from the header info)
Description: Client X

I am on the right way to allow any mails coming from this specific IP to pass through regardless of spam or not?



Almost. White listing an IP address will make it immune to being test on the black lists (Spamhaus, etc). However, the message will still be tested by SpamAssasin, so depending on the content of the message may still be tagged as spam. I've submitted a feature request that e-mail from white listed IP's should also bypass SpamAssasin testing.


Good is better than evil because it's nicer
--Mammy Yokum
  •  
jonnapa

Messages: 5
Karma: 0
Send a private message to this user
It did not worked!

I put the IP on the Whitelist at 4pm, but still got bunch of mails from our colleague in the Trap at 7pm. The Blacklist (for SPAMHAUS) still added 10. See below.

What am I missing?

Quote:

X-Spam-Status: Yes, hits=8.3 required=5.0
tests=DNSBL_ZEN.SPAMHAUS.ORG: 10.00,AWL: 0.000,BAYES_00: -1.665,
TOTAL_SCORE: 8.335
X-Spam-Flag: YES
X-Spam-Level: ********
Received: from MY_DOMAIN ([##.##.##.##])
by MY_DOMAIN.com;
Thu, 4 Jun 2009 19:10:47 +0200
From: <mis<_a.t_>my_domain.com>
To: "'Man'" <mans.qua<_a.t_>my_domain.com>,
Subject: Invoices Due for Shabbani
Date: Thu, 4 Jun 2009 20:10:32 +0300
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0375_01C9E550.8496F5C0"
X-Mailer: Microsoft Office Outlook, Build 11.0.5510
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.4325

  •  
freakinvibe

Messages: 1533
Karma: 61
Send a private message to this user
You probably got the IP address wrong. Check the security log for something like

IP address 84.72.162.20 found in DNS blacklist SPAMHAUS ZEN, mail from <mis<_a.t_>my_domain.com> to <mans.qua<_a.t_>my_domain.com>

Then use this IP address in your white list. Don't get it from the mail headers as many times they are confusing.

Dexion AG - The Blackberry Specialists in Switzerland
https://dexionag.ch
  •  
TorW

Messages: 769
Karma: 9
Send a private message to this user
In that case, he wouldn't be the first to blacklist the ISPs upstream mail gateway (a.k.a. "the last IP in the headers before our own" Smile ).

[Updated on: Tue, 09 June 2009 12:58]

Previous Topic: Very high AWL and MSGID
Next Topic: Resource temporarily unavailable
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Tue Sep 26 18:15:54 CEST 2017

Total time taken to generate the page: 0.00437 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.